ISIS terrorists were planning to launch a suicide attack on a market frequented by British and Jewish tourists in Djerba, Tunisia. The attack was stopped, however, by an unlikely group of heroes. Hackers had been watching ISIS social media accounts and caught wind of the plot before it could happen.
They passed the information to a government contact, and “two days later we were informed that arrests were made per our intelligence,” said the hacker called DigitaShadow, operations director of the hacker group GhostSec, in an email interview.
ISIS was planning a similar attack on New York City, which the hackers may have also played a role in stopping. “A prominent Islamic State [ISIS] account was relaying information that six terror cells in NYC would be activated, among other accounts stating that NYC would burn,” DigitaShadow said.
Ghost Security (GhostSec) operates without government oversight, and without the red tape or legal restrictions that inhibit government action. It can infiltrate ISIS recruitment networks, launch attacks on terrorist websites, and not worry about political fallout or public scrutiny. Its efforts to fight back against terrorists on the online frontier may be helping lay the foundations for a new form of counterterrorism.
GhostSec was started by a group of highly skilled hackers, after two Islamist gunmen raided the Paris office of satirical newspaper Charlie Hebdo on Jan. 7, killing 12 people and wounding 11. DigitaShadow said after the attacks, “Many individuals including ourselves realized first hand that this was not an issue isolated to the Middle East and that everyone was at risk of becoming a victim of terrorism.”
The new hacker group was formed, DigitaShadow said, “to combat the Islamic State (ISIS) online in an attempt to slow their online recruitment and cripple their digital infrastructure.”
Their go-between for law enforcement and intelligence officials is Michael Smith, principal of national security company Kronos Advisory.
Smith confirmed in a phone interview that information from GhostSec “was useful in helping coordinate an effort to assail an attack in Tunisia.” He said they had provided him with information on the pending attack, and “I was able to look at it and assess the counterterrorism community would have an interest in the material.”
He was unable to confirm whether GhostSec’s information helped stop the attack in New York, however. He said it’s rare to get feedback on data used for counterterrorism, yet noted he “knew there was value” in the information GhostSec provided.
The Middle Ground
Over the last several months, GhostSec claims it has taken out close to 60,000 ISIS social media accounts that were being used for recruitment and sending threats, and shut down 100 ISIS websites used for recruitment, spreading propaganda, and planning attacks. They also quietly monitor many terrorist websites, including those hidden in the Deep Web.
GhostSec has leaked lists of some of its targets, including IP addresses where the websites are hosted. A recent leak included a list of 791 Twitter accounts, 11 Facebook pages, and 52 emails used by ISIS members and supporters. Epoch Times was able to independently verify some of the information.
